Global body set to introduce stiff security checks for member banks

MUMBAI: Rising instances of cyber attacks on banks had led to SWIFT, the global network that enables trillions of dollars transfers each day, to introduce a Customer Security Framework that mandates its member banks to upgrade their systems or face the threat of naming and shaming among other member banks.

Under this framework, banks have to adhere to 16 mandatory controls and 11 advisory controls, and requires each bank to confirm compliance on an annual basis. Banks which fail to adhere to these controls will be reported to the Reserve Bank of India as well.

“There are certain mandates that we are making within the community now and if they don’t comply with it, we will be publishing their names in the system,“ said, Kiran Shetty, CEO, SWIFT India. “So, for example, if I am a bank and if you want to send me some money , you will be able to look at my credentials related to cyber security and make your decision whether you want to deal with that bank or not.And we will also report this to the regulator saying that these banks have not complied.

“ Between November and December last year, SWIFT India started engaging banks to generate awareness about the new framework.This framework will be released to member banks by the first quarter of the next financial year. While SWIFT will start collecting details on these mandatory controls from Q2 2017, the enforcement of mandatory requirements will start from January 2018. SWIFT will then conduct inspections from internal and external auditors to ensure compli ance of these controls.

Applying these standards will help raise the security bar for customers on the SWIFT network and support to prevent and detect fraudulent use of their infrastructure. Implementation of these standards will also increase security awareness and education in the on-going fight against cyber-related wire fraud.

In the last eight months, at least four government-owned banks were hit by hackers to create fake trade documents that may have been used to raise finance abroad or facilitate dealings in banned items.

As per the audit done with the current member banks, SWIFT has observed that there is a significant opportunity to strengthen the transaction banking channels of Indian banks. According to data with the ministry of finance, top 51banks in India have lost ` . 485 crore from April 2013 to November 2016. Nearly 56% of the money lost was due to net-banking thefts and card cloning. As per estimates, there are at least 15 ransomware attacks per hour in the country and one in three Indians fall prey to it.